gonzo cryptography; how would you improve existing cryptosystems?

Jon Callas jon at callas.org
Wed Nov 9 17:27:46 EST 2005


On 4 Nov 2005, at 5:23 PM, Travis H. wrote:

> For example, pgp doesn't hide the key IDs of the addressees.

But OpenPGP does. Here's an extract fro RFC 2440:

5.1. Public-Key Encrypted Session Key Packets (Tag 1)

[...]

    An implementation MAY accept or use a Key ID of zero as a "wild  
card"
    or "speculative" Key ID. In this case, the receiving implementation
    would try all available private keys, checking for a valid decrypted
    session key. This format helps reduce traffic analysis of messages.

Now, there has been much discussion about how useful this is, and  
there are other related issues like how you do the UI for such a  
thing. But the *protocol* handles it.

You might also want to look at the PFS extensions for OpenPGP:

<http://www.apache-ssl.org/openpgp-pfs.txt>

and even OTR, which is very cool in its own right (and is designed to  
take care of the sort of edge conditions all of these other things  
have):

<http://www.cypherpunks.ca/otr/>

	Jon


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list